<?php
	session_start();
	require("../librarys/funs/quantri.php");
	$username = $_POST["username"];
	$password = $_POST["password"];
	$remember = $_POST["remember"];
	
	if ($username!="" && $password!="" && $remember!="") {
		$class_user = new user;
		$user = $class_user->get_by_username($username);
		
		$record_password = $user["password"];
		list($md5pass, $saltpass) = explode (":", $record_password);
		
		if ($user>0) {
			if ((md5($password . $saltpass)) == $md5pass) {
				if ((($user["anhien"]==0 && $user["idgroup"]==1) || ($user["anhien"]==0 && $user["idgroup"]==0)) || $user["idgroup"]==-1) {
					$_SESSION["kiemtradangnhapthinguyet"]=1;
					$_SESSION["taikhoandangnhapthinguyet"]=$user;
					$_SESSION["user_id"] = $user["id"];
					
					if ($remember=="true") {
						$time = time();
						setcookie("remember", $remember, $time + 60*60*24*7); 
						setcookie("username", $username, $time + 60*60*24*7); 
						setcookie("password", $password, $time + 60*60*24*7);
					}
					else {
						$time = time();
						if (isset($_COOKIE["remember"])) setcookie("remember",$_COOKIE["remember"],time()-3600);
						if (isset($_COOKIE["username"])) setcookie("username",$_COOKIE["username"],time()-3600);
						if (isset($_COOKIE["password"])) setcookie("password",$_COOKIE["password"],time()-3600);
					}
					echo "Successful.";
				}else {
					echo "Account is locked!";
				}
			}else {
				echo "Username and Password are not matched!";
			}
		}else {
			echo "User not found.";
		}
	}
?>